Risk-based access: Error when publishing risk-based access policy

Technote (troubleshooting)


When you publish a risk-based access policy by using the manageRbaPolicy command, you might get a ClassNotFound exception.

Resolving the problem

When you try to publish a rule file by using the manageRbaPolicy command, if the policy contains unexpected characters such as “@{rba.risk.score}”, the conversion of the rule file into the runtime security service XACML format fails.

However, instead of a failure message, the following exception occurs:
JMXTransformException java.lang.ClassNotFoundException: com.tivoli.am.rba.xacmlg.TokenMgrError

You can ignore this exception, because the failure is not actually related to a CLASSPATH issue. The WebSphere Application Server wsadmin client class path settings do not require any changes.

The problem is due to policy validation. Hence, the content of the risk-based access policy rule file must be inspected to remove invalid tokens such as “@{rba.risk.score}”.

Related information

Risk-based access information center

Document information

More support for:

Tivoli Federated Identity Manager

Software version:


Operating system(s):

AIX, Linux, Windows

Reference #:


Modified date:


Translate my page

Content navigation